Security Support Engineer, Vulnerability Management and Remediation Operations

Embark on a Mission to Fortify Amazon's Defenses as a Security Engineer with the Vulnerability Management & Remediation Operations team!

Amazon Security is seeking an experienced and innovative Support Engineer specialising in cybersecurity to join our Vulnerability Management and Remediation Operations (VMRO) team in Sydney, Australia. The VMRO team is a global team that is responsible for assessing, detecting, and driving the remediation of vulnerabilities across the Amazon ecosystem.

• Support vulnerability detection campaigns by working closely with Campaign Owners to launch and continuously improve the quality of campaigns across Amazon.
• Assess and negotiate with customers to drive down security risk by engaging with teams to remediate critical security vulnerabilities in their environments.
• Collaborate with builder teams to implement security fixes and improvements.
• Understand technical details of vulnerabilities affecting Amazon's infrastructure, services, and applications.
• Review and analyse common vulnerability disclosures and assist in evaluating potential impacts.
• Help triage vulnerabilities and contribute to impact and detection logic assessments.
• Contribute to the development of automation of repetitive tasks.
• Actively participate in updating documentation and sharing knowledge across your global peers.
• Participate in an on-call rotation to support continuous monitoring and remediation of vulnerabilities.

• Strong understanding of security concepts with a security mindset.
• Strong understanding of computer and network weaknesses and mitigating controls.
• Strong ability to understand risk and prioritisation in the context of the business.
• Ability to communicate effectively within technical and business settings.
• Ability to document learnings and contribute to knowledge sharing and runbook building.
• Experience with secure-cloud configuration, (CloudTrail, AWS Config), cloud-security technologies (VPC, Security Groups, WAF etc.), and cloud-permission systems (IAM).
• Experience with identity and access concepts, with technologies to secure production and corporate access, (SSO, SAML) and with Federated Identity, RBAC, authentication and authorisation solution, encryption, SSL, and related.- 2+ years of experience in fields such a Security Operations, technology audit, or security vulnerability lifecycle.
• Ability to prioritise multiple tasks and projects.
• Have a passion to learn and thrive in a dynamic and constantly changing environment.
• Experience with virtualisation technologies, especially with AWS services.
• Relevant industry certifications such as CISSP, SANS, ISC2, CompTia, etc.
• Maturity, judgment, negotiation/influence skills, analytical skills, and leadership skills.
• Demonstrated knowledge of web protocols, common attacks, and working knowledge of Linux/Unix tools and architecture.
• Understanding of best practices across multiple security disciplines/domains.
• Demonstrated ability to work autonomously with a Bias for Action, critical and creative thinking.
• Demonstrated ability to collaborate, develop partnerships, and work effectively as a member of a global, inclusive team.

In the spirit of reconciliation Amazon acknowledges the Traditional Custodians of country throughout Australia and their connections to land, sea and community. We pay our respect to their elders past and present and extend that respect to all Aboriginal and Torres Strait Islander peoples today.

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer, and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, disability, age, or other legally protected attributes.

If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.